cyrus and ssl

Christian Beilstein cbeilstein at gmx.ch
Wed Jan 14 07:21:23 EST 2004 

Troy McKinnon wrote:
> This is most likely a ssl configuration issue but I would really appreciate
> any help on this.
> 
> I followed the setup as per "  luc's  " how to on postfix-cyrus
> 
> netstat shows me that my server is running:
> 
> tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:2401            0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:15              0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN
> tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
> tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
> tcp        0      0 127.0.0.1:8005          :::*                    LISTEN
> tcp        0      0 :::8009                 :::*                    LISTEN
> tcp        0      0 :::8080                 :::*                    LISTEN
> tcp        0      0 :::53                   :::*                    LISTEN
> tcp        0      0 :::22                   :::*                    LISTEN
> 
> 
> when I connect to the server via OULOOK express and ssl encrypt it says it
> is an untrusted domain, and if I want to download the cert.
> (I created my own cert as per howto)... and once downloaded I get connection
> refused error.
-have you tried another client (e.g. Thunderbird 
(http://www.mozilla.org/) and are you getting the same error(s)?

- have a look at your logfiles (what kind of errors are listed there?)

- what exactly does outlook express tell you? Does it provide an 
errorcode (like 800ccc0e or similar)?

- to solve your problem with the untrusted certificate: either you let 
your certificate sign by an existing certificate authority (eg versigin) 
- or you set up your own certificate authoritiy and sign your own 
certificates (thats the cheaper way :-), but you then have to install 
the ca-certificate on your system since it isn't built by microsoft ;-)
How to do that: look at the "SSL Certificates HOWTO" (google will find 
it ;-)
> 
> Regular IMAP or POP3 works fine but I would like to disable that for ssl.
> 
> Any ideas what I have done wrong?
> 
> Thanks
> 
> Troy
> 
> 
regards

chris

More information about the Info-cyrus mailing list